<?php
header("Content-Type:text/html;charset=utf-8");
/*$url = "http://".$_SERVER['HTTP_HOST'];
header("Access-Control-Allow-Origin: ".$url); // 允许a.com发起的跨域请求  
//如果需要设置允许所有域名发起的跨域请求，可以使用通配符 *  
header("Access-Control-Allow-Origin: *"); // 允许任意域名发起的跨域请求  
header('Access-Control-Allow-Headers: X-Requested-With,X_Requested_With');  */
date_default_timezone_set('Asia/Shanghai');
session_start();

$con = mysqli_connect("localhost","root","root","ultrax");
// 检测连接
if (mysqli_connect_errno())
{
    die("连接失败: " . mysqli_connect_error());
}
if(!$_POST){ 
	echo json_encode(['code'=>0,'msg'=>'请求错误']);
	exit;
}
$username = $_POST['username'];
$password = $_POST['password'];  
/*$username = 'beauty';
$password = '123456';*/
$sql1 = "select salt,password from pre_ucenter_members where username = '{$username}'";
$result1 = mysqli_query($con,$sql1);
$res = mysqli_fetch_array($result1);
if($res){
	$passwords = md5(md5($password).$res['salt']);
    if($passwords == $res['password']){
    	$sql2 = "select uid,extgroupids,username from pre_common_member where username = '{$username}'";
    	$result2 = mysqli_query($con,$sql2);
        $res2 = mysqli_fetch_array($result2);
        if($res2['extgroupids']){
        	$uid = $res2['uid'];
        	$_SESSION['uid'] = $res2['uid'];
        	$_SESSION['username'] = $res2['username'];
        	echo json_encode(['code'=>1,'msg'=>'登录成功']);
		    exit;      	
        }else{
        	echo json_encode(['code'=>0,'msg'=>'还没购买用户组']);
	        exit;
        }
    }else{
    	echo json_encode(['code'=>0,'msg'=>'密码错误']);
	    exit;
    }
}else{
	echo json_encode(['code'=>0,'msg'=>'用户名错误']);
	exit;
}
mysqli_close($con);
?>